STIGQter STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority.

DISA Rule

SV-235990r628748_rule

Vulnerability Number

V-235990

Group Title

SRG-APP-000435-AS-000163

Rule Version

WBLC-08-000237

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

1. Access AC
2. From 'Domain Structure', select 'Environment' -> 'Work Managers'
3. Utilize 'Change Center' to create a new change session
4. Click 'New', select 'Work Manager' radio option, click 'Next'
5. Type a unique name, click 'Next', select server(s) which to apply this work manager to, click 'Finish'
6. Select newly created work manager from table to configure
7. Set thread and capacity constraints for this work manager, target the server(s) to apply these constraints to, click 'Save'
8. Deploy applications requiring prioritization to the server(s) selected as target of the work manager in order to apply the priority conditions specified by the work manager to deployed applications

Check Contents

1. Access AC
2. From 'Domain Structure', select 'Environment' -> 'Work Managers'
3. Existing Work Managers will appear in the list

If Work Managers are not created to allow prioritization of resources, this is a finding.

Vulnerability Number

V-235990

Documentable

False

Rule Version

WBLC-08-000237

Severity Override Guidance

1. Access AC
2. From 'Domain Structure', select 'Environment' -> 'Work Managers'
3. Existing Work Managers will appear in the list

If Work Managers are not created to allow prioritization of resources, this is a finding.

Check Content Reference

M

Target Key

5282

Comments